Red Team Notes 2.0
Persistence
The adversary is trying to maintain their foothold.
Persistence consists of techniques that adversaries use to keep access to systems across restarts, changed credentials, and other interruptions that could cut off their access. Techniques used for persistence include any access, action, or configuration changes that let them maintain their foothold on systems, such as replacing or hijacking legitimate code or adding startup code.
Last modified 1yr ago